History: May 26, 2021 - 2:04 p.m.

CVE-2021-21986

2021-05-26 14:04:35
vmware
www.cve.org

AI Score: 9.8 High (Confidence: High)

EPSS: 0.002 Low (Percentile: 59.0%)

The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication.

CNA Affected

[
  {
    "product": "VMware vCenter Server and VMware Cloud Foundation",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"
      }
    ]
  }
]
